CVE-2011-0364
Cisco Security Agent 5.1-6.0 - Remote Code Execution via Crafted st_upload Request
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2011-0364. PoCs published by Gerry Eisenhaur.
AI-analyzed exploit summary This exploit targets a directory traversal vulnerability in Cisco Security Agent Management Console (CVE-2011-0364) to upload a malicious .htaccess file and a Perl script, achieving remote command execution by launching calc.exe.
Description
The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request.
Exploits (1)
This exploit targets a directory traversal vulnerability in Cisco Security Agent Management Console (CVE-2011-0364) to upload a malicious .htaccess file and a Perl script, achieving remote command execution by launching calc.exe.